ashutosh-singh
8/18/2019 Final Presentation for NACORE 2016.pptx
on
ANALYSIS OF DIFFERENT MITM ATTACK TYPES IN CLOUD
COMPUTING WITH THEIR RESPECTIVE SOLUTIONS
BY
PRIYANKA MISH
!
ASHUTOSH SIN
NACORE 2016

Scenario of Cloud Computing
Cloud computing model is a rapidly growing concept in the field
provides the following services to their customers:
Enables ubiquitous conventional on-demand access to share
computing resources
Unlimited and free of cost storage space to keep our data ove
Retrieval of data anytime and anywhere
Transaction of data from cloud server to client's system
Automated backup.
Even after all these favorable cloud serv
drawback of security issues in cloud which makes the c
concerned. MITM attacks are one of the main concern to be

Key concept of Man-in-the-Middle Attack
A Man-in-the-middle attack is a type of cyberattack where
actor inserts him/herself into a conversation between tw
impersonates both parties and gains access to informatio
two parties were exchanging with each other.
Man-in-the-middle attack allows a malicious actor to inter
and receive data meant for third party or not meant to be
without either outside party knowing until it is too late.

Example of occurrence of MITM attack over cloud

Types of MITM attack and their respective solutions
MAN-IN-THE-MIDDLE ATTACK
Wrapping Attack, Impersonating Attack, Flooding Attack, Browser Attack

1. Wrapping Attack or XML Signature A
Situation of attack: During the message passing us
messages from web server to a web browser an unauthorise
can intercept in TLS layer. The body of the message is repl
sent to the server as an authentic user. The server c
authentication by the Signature Value (which is also duplic
integrity checking for the message is done. In this way the
able to interfere in the cloud and can run malicious code to
the usual functioning of the cloud servers.
Possible solution: We can add a redundant bit (STAMP bi
SOAP header specifically for the appended signature value and this b
switched/toggled when the message is interfered wit
unauthorised party during the transfer. When it is receiv
destination the STAMP bit is checked first and if it is foun
then a new signature value is generated in the browser en
new value sent back to the server as recorded to m
authenticity checking.
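
A structural check for the wrapping attack described above, as an added example that is not part of the original slides and does not implement their STAMP bit proposal: it confirms that the Body the server will process is the element the signature references. Element names follow SOAP 1.1, XML-DSig and WS-Security; `wrapping_findings`, `_sample` and both sample messages are constructed for illustration, and cryptographic signature verification is assumed to happen elsewhere.

```python
import xml.etree.ElementTree as ET  # use a hardened parser (e.g. defusedxml) on untrusted input

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
DS = "http://www.w3.org/2000/09/xmldsig#"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
NS = {"soap": SOAP, "ds": DS}
WSU_ID = "{%s}Id" % WSU

def wrapping_findings(xml_text):
    """Structural checks only; signature verification itself is assumed done elsewhere."""
    root = ET.fromstring(xml_text)
    findings = []
    if root.tag != "{%s}Envelope" % SOAP:
        return ["root element is not a SOAP Envelope"]
    # The element the application acts on: the Body that is a direct child of Envelope.
    bodies = [el for el in root if el.tag == "{%s}Body" % SOAP]
    if len(bodies) != 1:
        findings.append("expected one top-level Body, found %d" % len(bodies))
    # A Body anywhere else (for example under a Header) suggests a relocated signed part.
    if len(root.findall(".//soap:Body", NS)) > len(bodies):
        findings.append("Body element outside Envelope top level")
    # wsu:Id must be unique, otherwise a Reference resolves ambiguously.
    by_id = {}
    for el in root.iter():
        if WSU_ID in el.attrib:
            by_id.setdefault(el.attrib[WSU_ID], []).append(el)
    findings += ["duplicate wsu:Id %r" % i for i, els in by_id.items() if len(els) > 1]
    # At least one signed Reference must resolve to the Body that will be processed.
    covered = False
    for ref in root.findall(".//ds:Reference", NS):
        target = by_id.get(ref.get("URI", "").lstrip("#"), [])
        covered |= len(target) == 1 and bool(bodies) and target[0] is bodies[0]
    if not covered:
        findings.append("processed Body is not covered by a signed Reference")
    return findings

def _sample(header_extra, body_id, amount):  # constructed, simplified messages
    return (f'<soap:Envelope xmlns:soap="{SOAP}" xmlns:ds="{DS}" xmlns:wsu="{WSU}">'
            f'<soap:Header><ds:Signature><ds:SignedInfo><ds:Reference URI="#body-1"/>'
            f'</ds:SignedInfo></ds:Signature>{header_extra}</soap:Header>'
            f'<soap:Body wsu:Id="{body_id}"><Transfer amount="{amount}"/></soap:Body>'
            f'</soap:Envelope>')

INTACT = _sample("", "body-1", "10")
WRAPPED = _sample('<Wrapper><soap:Body wsu:Id="body-1"><Transfer amount="10"/>'
                  '</soap:Body></Wrapper>', "body-2", "9999")

if __name__ == "__main__":
    print(wrapping_findings(INTACT))
    print(wrapping_findings(WRAPPED))
```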

2. Impersonating Attack
Situation of attack: Impersonating attack can take pla
forms:
Phishing attack: where the users are made to believe tha
interacting with valid server by creating a web page that lo
to the valid server page.
Verifier impersonation attack where the attacker ac
verifier and lure the customer to share the authentication ke
which may then be used to authenticate falsely to the verifie
Possible solution: In a cloud environment impersonating
be moderated by using two-factor and multi factor auth
mechanisms that rely on personally identifiable informatio
addition to passwords. Privacy enhancing protocols that secu
and avoid storage of secrets can also help cloud provide
impersonation attacks under control.

3. Flooding Attack
Situation of attack: If an intruder gets the authorization
request to the cloud then it can easily create bogus data and
requests to the cloud server. While executing these requests
first checks the authenticity of the requested jobs
unauthenticated requests must be checked to verify their v
process of checking consumes CPU utilization memory and
IaaS to a great extent. While processing these requests
services can starve and as a result the server will offload its
another server. Again the same thing will occur and the ad
engage the whole cloud system just by interrupting the usua
of one server in essence flooding the system.
Possible Solution: For the prevention of flooding attack
environment we propose the concept of organizing all the se
fleet of server over the cloud environment in such a way so
fleet of servers are supposed to perform the jobs accordin
specifications.

4. Browser Attack
Situation of attack: In Browser attack the spurious user s
by destructing signature and sabotaging encryption while t
SOAP messages between web browser and web server. T
consider the adversary as an authenticated user and pro
communication and requests with web server which causes br
over cloud.
Possible Solution: The proposed solution to stop data ste
at the end of every session the customer will send an e-Ma
usage and duration with a special number to be used for log
In this way the customer will be aware of the usage and charg
be availed with a unique number to be used every time to
system.

Possible solutions: Using encrypted communication & authentication of the TLS always is the only and relia
prevent/detect Stripping attack. This means in practice tha
exchange the server and the user end up with certain share
keys.
For preventing Sniffing attack cloud vendors must constru
browsers that apply WS-Security concept. WS-Security provide
encryption and does not have to be decrypted at interm
Consequently attackers are unable to sniff and gain plain
messages at the intermediary hosts.
Conclusion: MITM attacks are the most common typ
implemented by the unauthorised users over cloud. Thus to
reliability of the cloud users we must be aware of these attack
and should employ the more stringent layers of security to
prevent such attacks to protect the confidential data ov
implementing all the above possible solutions for their respectiv
can avoid the attacker's intention to exploit the data over cloud
THANK YOU